{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-6378","assignerOrgId":"455daabc-a392-441d-aa46-37d35189897c","state":"PUBLISHED","assignerShortName":"NCSC.ch","dateReserved":"2023-11-29T10:18:07.523Z","datePublished":"2023-11-29T12:02:37.496Z","dateUpdated":"2024-11-29T12:04:40.421Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["logback receiver"],"platforms":["Windows","Linux","MacOS"],"product":"logback","repo":"https://github.com/qos-ch/logback","vendor":"QOS.CH Sarl","versions":[{"status":"unaffected","version":"1.4.12"},{"status":"unaffected","version":"1.3.12"},{"status":"unaffected","version":"1.2.13"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n<pre>The attacker needs to be able to feed poisoned data to a logback receiver. Thus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.</pre>\n\n<br>"}],"value":"The attacker needs to be able to feed poisoned data to a logback receiver. \nThus, the attacker needs to connect to a logback receiver which can be a significant hurdle in itself.\n\n\n\n\n"}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Yakov Shafranovich, Amazon Web Services"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\nA serialization vulnerability in the logback receiver component, part of \nlogback version 1.4.11, allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n"}],"value":"A serialization vulnerability in the logback receiver component, part of \nlogback version 1.4.11, allows an attacker to mount a Denial-Of-Service \nattack by sending poisoned data.\n\n"}],"impacts":[{"descriptions":[{"lang":"en","value":"Excessive CPU or memory usage on the host where a logback receiver component is deployed"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"description":"Denial-of-service using poisoned data","lang":"en"}]}],"providerMetadata":{"orgId":"455daabc-a392-441d-aa46-37d35189897c","shortName":"NCSC.ch","dateUpdated":"2023-12-05T08:57:52.168Z"},"references":[{"url":"https://logback.qos.ch/news.html#1.3.12"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Only environments where the logback receiver component is deployed may be vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.12 or later will remedy the vulnerability.<br>"}],"value":"Only environments where the logback receiver component is deployed may \nbe vulnerable.\n In case a logback receiver is deployed, restricting connections to \ntrustworthy clients or upgrading to logback version 1.4.12 or later will remedy the vulnerability.\n"}],"source":{"discovery":"EXTERNAL"},"title":"Logback \"receiver\" DOS vulnerability ","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Only environments where the logback receiver is deployed are vulnerable. <br>"}],"value":"Only environments where the logback receiver is deployed are vulnerable. \n"}],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://logback.qos.ch/news.html#1.3.12","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20241129-0012/"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-11-29T12:04:40.421Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-11T17:51:31.895829Z","id":"CVE-2023-6378","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-11T17:55:50.633Z"}}]}}